Secure IT – PKI, Certificates, and What Breaks When Trust Fails, E22
Download MP3Public Key Infrastructure (PKI) underpins nearly every secure interaction in modern IT, but it's also one of the most misunderstood and overlooked foundations of security.
In this episode of Secure IT, host Jason Kikta is joined by Mark Cooper, CEO and founder of PKI Solutions, to unpack why PKI is so critical to identity, authentication, and trust, and what happens when it fails.
They explore how certificates enable passwordless authentication, secure TLS connections, IoT devices, endpoints, and enterprise systems, while also examining why misconfigured or poorly monitored PKI environments often become an attacker's fastest path to privilege escalation. From certificate expirations and operational outages to real-world breach scenarios and pen test failures, this conversation maps the full PKI risk spectrum.
Jason and Mark also challenge a common assumption in cybersecurity: that recovery equals resilience. Instead, they argue that true resilience means staying secure and operational, even during misconfiguration, failure, or attack.
Whether you're new to PKI or responsible for running it, this episode will change how you think about identity infrastructure, resilience, and trust.
Topics covered:
- What PKI is and why most organizations already depend on it
- Certificates, passwordless authentication, and digital identity
- How PKI misconfigurations enable high-impact attacks
- Why recovery is the weakest form of resilience
- The hidden operational and security risks of foundational systems
In this episode of Secure IT, host Jason Kikta is joined by Mark Cooper, CEO and founder of PKI Solutions, to unpack why PKI is so critical to identity, authentication, and trust, and what happens when it fails.
They explore how certificates enable passwordless authentication, secure TLS connections, IoT devices, endpoints, and enterprise systems, while also examining why misconfigured or poorly monitored PKI environments often become an attacker's fastest path to privilege escalation. From certificate expirations and operational outages to real-world breach scenarios and pen test failures, this conversation maps the full PKI risk spectrum.
Jason and Mark also challenge a common assumption in cybersecurity: that recovery equals resilience. Instead, they argue that true resilience means staying secure and operational, even during misconfiguration, failure, or attack.
Whether you're new to PKI or responsible for running it, this episode will change how you think about identity infrastructure, resilience, and trust.
Topics covered:
- What PKI is and why most organizations already depend on it
- Certificates, passwordless authentication, and digital identity
- How PKI misconfigurations enable high-impact attacks
- Why recovery is the weakest form of resilience
- The hidden operational and security risks of foundational systems
Creators and Guests
Host
Jason Kikta
Jason Kikta is the Chief Technology Officer at Automox, where he leads the Product, Engineering, and IT/Security organizations. He has over 30 years of experience in IT, beginning with independent consulting and spanning more than two decades of military service, building and operating communications networks across the globe. During seven years at US Cyber Command’s Cyber National Mission Force, he focused on countering state actors and ransomware threats to critical infrastructure. Jason is an adjunct lecturer for the Alperovitch Institute at Johns Hopkins SAIS and an adjunct senior technical advisor to the Institute for Security and Technology, focused on AI, cybersecurity, and ransomware.
